CVE-2013-6419: OpenStack Nova Router metadata queries are not restricted by tenant

CVSS Score: 5

Basic Information

EPSS Score: 0.62911%
Published: 5/17/2022
Updated: 5/14/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
nova | pip | < 12.0.0a0 | 12.0.0a0

Vulnerability Intelligence
Root Cause Analysis

The vulnerability arises because Nova's _handle_instance_id_request in api/metadata/handler.py lacked tenant validation. The provided commit diff shows this function was patched to add X-Tenant-ID checks, confirming its role in the vulnerability. While Neutron's neutron-metadata-agent (agent/metadata/agent.py) is also implicated, the exact vulnerable function isn't specified in the provided data, so only the Nova function is included with high confidence.
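The missing check can be shown with a simplified model of a metadata handler. This is an added example, not Nova's code or the patch itself: the `X-Instance-ID` header name, the in-memory `INSTANCES` table, the function names and the 404 response on mismatch are assumptions made for illustration, and only `X-Tenant-ID` comes from the analysis above.

```python
import logging
from dataclasses import dataclass, field

log = logging.getLogger("metadata-example")

@dataclass(frozen=True)
class Instance:
    project_id: str                      # owning tenant
    metadata: dict = field(default_factory=dict)

# Constructed sample data: two tenants, one instance each.
INSTANCES = {
    "inst-a": Instance("tenant-a", {"hostname": "a-web-1"}),
    "inst-b": Instance("tenant-b", {"hostname": "b-db-1"}),
}

class MetadataError(Exception):
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status

def lookup(headers):
    instance = INSTANCES.get(headers.get("X-Instance-ID", ""))
    if instance is None:
        raise MetadataError(404, "instance not found")
    return instance

def handle_without_tenant_check(headers):
    # Behaviour described for the unpatched handler: the instance ID alone
    # decides whose metadata is returned.
    return lookup(headers).metadata

def handle_with_tenant_check(headers):
    tenant_id = headers.get("X-Tenant-ID")
    if not tenant_id:
        raise MetadataError(400, "X-Tenant-ID header is missing")
    instance = lookup(headers)
    if instance.project_id != tenant_id:
        # Log the mismatch for detection; answer as for an unknown instance.
        log.warning("tenant %s requested metadata of instance %s owned by %s",
                    tenant_id, headers["X-Instance-ID"], instance.project_id)
        raise MetadataError(404, "instance not found")
    return instance.metadata

def respond(handler, headers):
    # Map the handler outcome to an (HTTP status, body) pair.
    try:
        return 200, handler(headers)
    except MetadataError as exc:
        return exc.status, str(exc)
```

The warning line logged on a tenant mismatch is the event worth alerting on, since a correctly behaving proxy should never forward an instance ID that belongs to a different tenant.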
